<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p><font face="Calibri">Actalis votes YES</font><br>
</p>
<span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p></o:p></span>
<blockquote type="cite"
cite="mid:SG2PR0301MB10155630CFE27088F44CAFD0F0EB0@SG2PR0301MB1015.apcprd03.prod.outlook.com">
<div class="WordSection1">
<p class="MsoNormal"><a name="_MailEndCompose"
moz-do-not-send="true"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p> </o:p></span></a></p>
<div style="border:none;border-left:solid blue 1.5pt;padding:0in
0in 0in 4.0pt">
<div>
<div style="border:none;border-top:solid #E1E1E1
1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext">From:</span></b><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext">
Public [<a class="moz-txt-link-freetext" href="mailto:public-bounces@cabforum.org">mailto:public-bounces@cabforum.org</a>]
<b>On Behalf Of </b>Gervase Markham via Public<br>
<b>Sent:</b> Friday, May 5, 2017 9:23 AM<br>
<b>To:</b> CABFPub <a class="moz-txt-link-rfc2396E" href="mailto:public@cabforum.org"><public@cabforum.org></a><br>
<b>Cc:</b> Gervase Markham <a class="moz-txt-link-rfc2396E" href="mailto:gerv@mozilla.org"><gerv@mozilla.org></a><br>
<b>Subject:</b> [cabfpub] Ballot 199 - Require
commonName in Root and Intermediate Certificates<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<div>
<p class="MsoNormal"><i>This is the corrected text (one
word change) of ballot 199 which is currently in the
voting period (voting ends on 9th May).</i><br>
<br>
<b>Ballot 199 - Require commonName in Root and
Intermediate Certificates</b><o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto"><b>Purpose
of Ballot: </b>Section 7.1.4.3 of the BRs, which
deals with Subject Information for Subordinate CA
Certificates, currently requires only that all
information in a Subordinate CA Certificate is accurate;
it does not say what information is required. Some of
the necessary information is required elsewhere in the
BRs, but it is not complete - commonName is missing. If
commonName is omitted, DN clashes can more easily occur.
So this motion centralises that information in the
obvious place, and adds a commonName requirement.<o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto">The
following motion has been proposed by Gervase Markham of
Mozilla and endorsed by Patrick Tronnier of OATI and
Ryan Sleevi of Google:<br>
<br>
<o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto">--
MOTION BEGINS --<o:p></o:p></p>
<p class="MsoNormal"><br>
Make the following changes to the Baseline Requirements:
<o:p></o:p></p>
<pre>* Delete 7.1.2.1 (e), which currently defines the Subject Information required in a Root CA Certificate.<o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<pre>* Delete 7.1.2.2 (h), which currently defines the Subject Information required in a Subordinate CA Certificate.<o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<pre>* Rename section 7.1.4.2, currently titled "Subject Information", to "Subject Information - Subscriber Certificates".<o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<pre>* Rename section 7.1.4.3, currently titled "Subject Information - Subordinate CA Certificates" to "Subject Information - Root Certificates and Subordinate CA Certificates".<o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<pre>* Based on the style used in 7.1.4.2.2 and the content from the now-deleted 7.1.2.1 (e) and 7.1.2.2 (h), add the following section 7.1.4.3.1:<o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<pre>7.1.4.3.1 Subject Distinguished Name Fields<o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<pre>Certificate Field: subject:commonName (OID 2.5.4.3)<o:p></o:p></pre>
<pre>Required/Optional: Required<o:p></o:p></pre>
<pre>Contents: This field MUST be present and the contents SHOULD be an identifier <o:p></o:p></pre>
<pre>for the certificate such that the certificate's Name is unique across all <o:p></o:p></pre>
<pre>certificates issued by the issuing certificate.<o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<pre>b. Certificate Field: subject:organizationName (OID 2.5.4.10)<o:p></o:p></pre>
<pre>Required/Optional: Required<o:p></o:p></pre>
<pre>Contents: This field MUST be present and the contents MUST contain<o:p></o:p></pre>
<pre>either the Subject CA’s name or DBA as verified under Section 3.2.2.2.<o:p></o:p></pre>
<pre>The CA may include information in this field that differs slightly from<o:p></o:p></pre>
<pre>the verified name, such as common variations or abbreviations, provided<o:p></o:p></pre>
<pre>that the CA documents the difference and any abbreviations used are<o:p></o:p></pre>
<pre>locally accepted abbreviations; e.g., if the official record shows<o:p></o:p></pre>
<pre>“Company Name Incorporated”, the CA MAY use “Company Name Inc.” or<o:p></o:p></pre>
<pre>“Company Name”.<o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<pre>c. Certificate Field: subject:countryName (OID: 2.5.4.6)<o:p></o:p></pre>
<pre>Required/Optional: Required<o:p></o:p></pre>
<pre>Contents: This field MUST contain the two<span style="font-family:"Cambria Math",serif">‐</span>letter ISO 3166<span style="font-family:"Cambria Math",serif">‐</span>1 country code<o:p></o:p></pre>
<pre>for the country in which the CA’s place of business is located.<o:p></o:p></pre>
<p class="MsoNormal">-- MOTION ENDS -- <o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;text-autospace:none"> <o:p></o:p></p>
<p class="line874"
style="margin:0in;margin-bottom:.0001pt"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif">The
procedure for approval of this Final Maintenance
Guideline ballot is as follows (exact start and end
times may be adjusted to comply with applicable Bylaws
and IPR Agreement):</span><o:p></o:p></p>
<p class="line874"
style="margin:0in;margin-bottom:.0001pt"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif"> </span><o:p></o:p></p>
<table class="MsoNormalTable"
style="border-collapse:collapse" cellspacing="0"
cellpadding="0" border="0">
<tbody>
<tr>
<td style="width:229.25pt;border:solid windowtext
1.0pt;padding:0in 5.4pt 0in 5.4pt" valign="top"
width="306">
<p class="line874"
style="margin:0in;margin-bottom:.0001pt;line-height:105%"><span
style="font-size:11.0pt;line-height:105%;font-family:"Calibri",sans-serif">BALLOT
199</span><o:p></o:p></p>
<p class="line874"
style="margin:0in;margin-bottom:.0001pt;line-height:105%"><span
style="font-size:11.0pt;line-height:105%;font-family:"Calibri",sans-serif">Status:
Final Maintenance Guideline</span><o:p></o:p></p>
</td>
<td style="width:82.4pt;border:solid windowtext
1.0pt;border-left:none;padding:0in 5.4pt 0in
5.4pt" valign="top" width="110">
<p class="line874"
style="margin:0in;margin-bottom:.0001pt;text-align:center;line-height:105%"
align="center">
<span
style="font-size:11.0pt;line-height:105%;font-family:"Calibri",sans-serif">Start
time (23:00 UTC)</span><o:p></o:p></p>
</td>
<td style="width:79.35pt;border:solid windowtext
1.0pt;border-left:none;padding:0in 5.4pt 0in
5.4pt" valign="top" width="106">
<p class="line874"
style="margin:0in;margin-bottom:.0001pt;text-align:center;line-height:105%"
align="center">
<span
style="font-size:11.0pt;line-height:105%;font-family:"Calibri",sans-serif">End
time (23:00 UTC)</span><o:p></o:p></p>
</td>
</tr>
<tr>
<td style="width:229.25pt;border:solid windowtext
1.0pt;border-top:none;padding:0in 5.4pt 0in 5.4pt"
valign="top" width="306">
<p class="line874"
style="margin:0in;margin-bottom:.0001pt;line-height:105%"><span
style="font-size:11.0pt;line-height:105%;font-family:"Calibri",sans-serif">Discussion
(7 to 14 days)</span><o:p></o:p></p>
</td>
<td
style="width:82.4pt;border-top:none;border-left:none;border-bottom:solid
windowtext 1.0pt;border-right:solid windowtext
1.0pt;padding:0in 5.4pt 0in 5.4pt" valign="top"
width="110">
<p class="line874"
style="margin:0in;margin-bottom:.0001pt;text-align:center;line-height:105%"
align="center">
25 Apr<o:p></o:p></p>
</td>
<td
style="width:79.35pt;border-top:none;border-left:none;border-bottom:solid
windowtext 1.0pt;border-right:solid windowtext
1.0pt;padding:0in 5.4pt 0in 5.4pt" valign="top"
width="106">
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;text-align:center;line-height:105%"
align="center">
2 May<o:p></o:p></p>
</td>
</tr>
<tr>
<td style="width:229.25pt;border:solid windowtext
1.0pt;border-top:none;padding:0in 5.4pt 0in 5.4pt"
valign="top" width="306">
<p class="line874"
style="margin:0in;margin-bottom:.0001pt;line-height:105%"><span
style="font-size:11.0pt;line-height:105%;font-family:"Calibri",sans-serif">Vote
for approval (7 days)</span><o:p></o:p></p>
</td>
<td
style="width:82.4pt;border-top:none;border-left:none;border-bottom:solid
windowtext 1.0pt;border-right:solid windowtext
1.0pt;padding:0in 5.4pt 0in 5.4pt" valign="top"
width="110">
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;text-align:center;line-height:105%"
align="center">
2 May<o:p></o:p></p>
</td>
<td
style="width:79.35pt;border-top:none;border-left:none;border-bottom:solid
windowtext 1.0pt;border-right:solid windowtext
1.0pt;padding:0in 5.4pt 0in 5.4pt" valign="top"
width="106">
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;text-align:center;line-height:105%"
align="center">
9 May<o:p></o:p></p>
</td>
</tr>
<tr>
<td style="width:229.25pt;border:solid windowtext
1.0pt;border-top:none;padding:0in 5.4pt 0in 5.4pt"
valign="top" width="306">
<p class="line874"
style="margin:0in;margin-bottom:.0001pt;line-height:105%"><span
style="font-size:11.0pt;line-height:105%;font-family:"Calibri",sans-serif">If
vote approves ballot: Review Period (Chair to
send Review Notice) (30 days).
</span><o:p></o:p></p>
<p class="line874"
style="margin:0in;margin-bottom:.0001pt;line-height:105%"><span
style="font-size:11.0pt;line-height:105%;font-family:"Calibri",sans-serif">If
Exclusion Notice(s) filed, ballot approval is
rescinded and PAG to be created.</span><o:p></o:p></p>
<p class="line874"
style="margin:0in;margin-bottom:.0001pt;line-height:105%"><span
style="font-size:11.0pt;line-height:105%;font-family:"Calibri",sans-serif">If
no Exclusion Notices filed, ballot becomes
effective at end of Review Period.</span><o:p></o:p></p>
</td>
<td
style="width:82.4pt;border-top:none;border-left:none;border-bottom:solid
windowtext 1.0pt;border-right:solid windowtext
1.0pt;padding:0in 5.4pt 0in 5.4pt" valign="top"
width="110">
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;text-align:center;line-height:105%"
align="center">
Upon filing of Review Notice by Chair<o:p></o:p></p>
</td>
<td
style="width:79.35pt;border-top:none;border-left:none;border-bottom:solid
windowtext 1.0pt;border-right:solid windowtext
1.0pt;padding:0in 5.4pt 0in 5.4pt" valign="top"
width="106">
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;text-align:center;line-height:105%"
align="center">
30 days after filing of Review Notice by Chair<o:p></o:p></p>
</td>
</tr>
</tbody>
</table>
<p class="line874"
style="margin:0in;margin-bottom:.0001pt"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif"> </span><o:p></o:p></p>
<p class="line874"
style="margin:0in;margin-bottom:.0001pt"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif">From
Bylaw 2.3: If the Draft Guideline Ballot is proposing
a Final Maintenance Guideline, such ballot will
include a redline or comparison showing the set of
changes from the Final Guideline section(s) intended
to become a Final Maintenance Guideline, and need not
include a copy of the full set of guidelines. Such
redline or comparison shall be made against the Final
Guideline section(s) as they exist at the time a
ballot is proposed, and need not take into
consideration other ballots that may be proposed
subsequently, except as provided in Bylaw Section
2.3(j).</span><o:p></o:p></p>
<p class="line874"
style="margin:0in;margin-bottom:.0001pt"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif"> </span><o:p></o:p></p>
<p class="line862"
style="margin:0in;margin-bottom:.0001pt"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif">Votes
must be cast by posting an on-list reply to this
thread on the Public list. A vote in favor of the
motion must indicate a clear 'yes' in the response. A
vote against must indicate a clear 'no' in the
response. A vote to abstain must indicate a clear
'abstain' in the response. Unclear responses will not
be counted. The latest vote received from any
representative of a voting member before the close of
the voting period will be counted. Voting members are
listed here:
</span><a href="https://cabforum.org/members/"
moz-do-not-send="true"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif">https://cabforum.org/members/</span></a><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext">
</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">In
order for the motion to be adopted, two thirds or more
of the votes cast by members in the CA category and
greater than 50% of the votes cast by members in the
browser category must be in favor. <span
style="background:white">Quorum is shown on CA/Browser
Forum wiki. Under Bylaw 2.2(g), at least the required
quorum number must participate in the ballot for the
ballot to be valid, either by voting in favor, voting
against, or abstaining.</span><o:p></o:p></p>
</div>
</div>
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Public mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Public@cabforum.org">Public@cabforum.org</a>
<a class="moz-txt-link-freetext" href="https://cabforum.org/mailman/listinfo/public">https://cabforum.org/mailman/listinfo/public</a>
</pre>
</blockquote>
<br>
<div class="moz-signature">-- <br>
<p style="font-family: Serif">
Cordiali saluti,<br>
<br>
Adriano Santoni<br>
ACTALIS S.p.A.<br>
(Aruba Group)</p>
</div>
</body>
</html>